Over the last couple of weeks, we’ve been seeing new modifications of the PDF exploits spread and managed by the El Fiesta toolkit. Among other things, this nasty package targets unpatched Adobe and browser vulnerabilities to download more malicious code onto the victim machine.
A ‘nice’ feature – for the bad guys, that is – is that Fiesta can be used not just to launch attacks, but to monitor them online. The screenshot below shows data on attacks which have been launched on machines around the world.
El Fiesta got a fair bit of publicity back in September this year. The fact that we’re seeing new variants shows there are still a good number of machines with unpatched software out there that malware writers want to get their hands on.